0

Discussion topic: Two Step Verification

Reply
Reply
This message was authored by: Mark39

Re: Two Step Verification

Posted by a Superuser, not a Sky employee. Find out more

@piepowder Sky long since stopped allowing the creation of new email addresses, but prior to that, you could certainly have multiple email accounts.

 

I suspect provision of their free email service is a millstone around Sky's corporate neck which they would love to see the back of. 

This message was authored by: piepowder

Re: Two Step Verification

@Mark39

indeed you are likely correct but as with other providers legacy service of maintaining user name function seems to be a committment that cannot be wriggled out of.

 

However, corporate think tank of the youngsters likely means that by making life awkward people will drift away and so the service can be closed or sold off. This seems to be the case with SKY Q vs streaming via SKY glass. It is cheaper to let the satellites tumble and not be replaced and use landline fibreoptic cabling. Which is fine as no new astellites are required or use of A N Other's satellite. However streaming is not so frisky. To load Disney+ (not my cup of tea anyhow) I timed at 37 seconds to load. Whereas non-streaming is almost instant. A SKY engineer who had to replace a dead SKY Q box stated that they, and other SKY engineers do not like Glass and streaming due to delays and inability to set record and then instantly watch. They will themselves use SKY Q. Streaming means SKY reduce risk of via-satellite, but the user is fixed to streaming, that is not so instant given the slowness of search etc and each platform functions differently - to be learned. No doubt SKY satellite (SKY then being an oxymoron as no actual use of the sky) will switch off and coercion of must-use-streaming will dominate. And therein is the niggle - a) lack of choice and tithe'd to total internet control and hence data control. Skynet to be. (Terminator fans). I'm not being NIMBY about this I do understand progress, I just don't relish it for teh sake of it, just because some newbie code-merchant thinks that they know the world. The sadness of think of those internet fed is that it is never new. Information is in a cycle. I wrote a doctorate thesis pre-internet. That was a manual trawl of published bibliography and researck indexes. I found that the information was in 30 year cycles. Why? Because do not think it has ever been done before - just because they can't find it. Which is because they do not know how. These days it it ain't om Google - it doessn't exist. Which is not the case. As I didge the coffin I notice ever more information ins my old field of work displayed as new - which it isn't. It is just a Google trawl, believing everything is on  teh  internet - it isn't. Further thses days the internet csna no longer be a trustworthy source of information due to corruption & AI & contructed fake information & scams etc. I witness daily closure of banks off the high street forcing people to go online. Fine - but if you don't have the internet nor can use a mobile phone easily such as elderly friends have - what then - ageist exclusion by a younger society? Sorry to rant on, but the issue to me is simple. Users are subscribers. Subscribers pay money. That money pays corporate salaries. So like it or not there is an indirect contract between SKY corporation and SKY users both moral and physical. /rant 😁

 

Sorry to take up your head space, but this 2 factor business is creep coercion that is now endemic bu simply accepted as norm. 1984 anyone?

cheers

This message was authored by: SteveSimon

Re: Two Step Verification

This 'mandatory' 2FA is a deal breaker for my mother - she is 85 and doesn't have a mobile phone! 

 

She is capable of managing her Sky account online but they have now blocked access to her emails. I suppose the only option is to create a new email account elsewhere and then go through the labourious process to update all her online accounts with other online vendors.

 

not everyone is in their 20's and completely tech savvy - not impressed.

This message was authored by: Mark39

Re: Two Step Verification

Posted by a Superuser, not a Sky employee. Find out more

@SteveSimon I'd recommend your mother gives Sky a call to explain her circumstances and ask how they can help her.

This message was authored by: piepowder

Re: Two Step Verification

OK 

1. I have now had a response from the complaint team to the complaint i sentand aim to contact today if possible

2. I started the day with a shut down computer (PC) - as one has always been advised to do, also means no access.

3. I opened up with eM Client and an overnight e-mail @Sky.com was there. Hence eM Client (and I presume other email client progrmmes) bypasses SKY 2 stage verification.

4. I then switched online access to a VPN. This would not allow any access to SKY. It would seem that SKY access is limited geographically to server.

5. I then opened up SKY email. As usual 2 stage verification required despite the 30 day "keep me signed in". Which as others have noted means that if you do switch off your computer or sign out, then the 30 day sign in is null and void. You then have to try the recovery code. Which means that you sign in again and get another new recovery code - every day you re-sign in or restart. Every day.

[removed]

 

So that is the state of play as of today. So choices include:

a) putting up with it

b) complaining formally [safeguarding?]

c) never switching off your computer and never signing out, technically constantly "live" so A N Othe could then access your e-mails, which raather defeats the purpose of 2 stage if it is constantly signed in to avoid re-signing in. After all many people are singular users, sitting at home and don't have someone hovering in teh background. 

d) don't try the  VPN (even though standard method of avoiding age-verification on a website as was discovered within 3 minutes of the Government edict of age verification) 

[removed]

f) change to A N Other e-mail service e.g. gmail with the attendant hassle of emailing everyone of your new means of communication

g) hope and pray that someone sees the light and offers opt out as a sensible option - but how will you know unless at log in - as it was. Then one can ditch the mobile-phone-beside-the-computer-to-log-in-with-2-stage-every-day  malarkey and go back to a more normal life, given that technology is there to serve us, not vica versa. 

 

If I get anywhere with the formal complaint I'll post it - but doubt one will achieve anything. Unfortunately as I am unablke to find a way of tracking back previous posts (can one - other than bookmark it?) unless someone shows me how on profile it may be anew post or added to a recent.

 

Cheers, yours in the SKY doghouse

 

Moderator Actions: Removed inappropriate comments 

 

This message was authored by: piepowder

Re: Two Step Verification

update

OK I contacted SKY complaint team as per their e-mail.

Bottom line - no change; in place to stay.  Advice for anyone struggling e.g. elderly parent etc is to contact SKY on the main number . The conversation was professional and courteous from the complaints team. No argument nor animosity - listening.

 

Some more detail :

The decision was made by SKY in response to OFCOM making note to SKY of the need for 2 step verification security. [One might ponder OFCOM decision making  given Martin Lewis comments yesterday on the TV news (public domain) about OFCOM's rule of mid-contract price changes with mobile phones]. The SKY view is protection of an individual user as a supplier against hacking of e-mails.  Hence it  is taken as essential that 2 step verification is necessary and is universally applied on their e-mail platform.  The deciison is not being revoked, nor an opt-out clause introduced, unless SKY decide to do that themselves. Whilst in my conversation note-taking occurred for reference and passing up the chain of command, I am but a single voice - in the wilderness. Unless other users also agree that an opt-out clause is of personal use and liability from risk and so should be made available as personal knowledge choice of taking the risk, then a single voice is unlikely to change anything.

 

Ethical thoughts: I make a thought that if one had cancer and was offered surgery to remove that cancer - one always has the option to say 'No'. This is the ancient and so long recognised acknowledged  ethical right of autonomy from Greek philosophers such as Plato and Aristotle through to Immanuel Kant (1724–1804) etc: - to make decision for one's self, by one's self about one's self. Essentially opt out and experience the consequences. Autonomy - the right to self determination has been around for centuries and underpins "opt out". Those who opt out then may, or may not, suffer the consequences of that decision. (Sorry for the diversion into ethics, but it is illustrative of individuality and choice if one is aware of known consequences - a.k.a. Consequence Analysis).

 

So there you have it. SKY could change their minds and offer opt out - but that will be their decision. How SKY might consider or even  reach such a decision is not for me to say. Such a decision might mean  simply appearing at 2 step log in screen as an opt-out option - like it did before it then  became universal.

 

This post I hope does not put me again in the SKY doghouse as it is passing on an experience, not an accusation.

Avatar for NicholasLBH
Level 4 icon
Topic Author
This message was authored by: NicholasLBH

Re: Two Step Verification

Re: piepowder

 

Personally, I think you should be given a literature award, for excellence !    And extra brownie points.  

 

But seriously, thank you for feeding back to the community.

 

It's just a shame we can't get a simple explanation from SKY, about why they changed their 2 step verification process, in the first place.     

 

Regards. 

This message was authored by: jayach

Re: Two Step Verification

Posted by a Superuser, not a Sky employee. Find out more

@piepowder wrote:

3. I opened up with eM Client and an overnight e-mail @Sky.com was there. Hence eM Client (and I presume other email client progrmmes) bypasses SKY 2 stage verification.


@piepowder 

Do you know if you are using OAuth or a generated password with eMclient? (I've checked, and yes it can use OAuth)

 

Apps/clients using OAuth do not bypass the 2FA requirement, as setting them up requires 2FA, but it only has to be done once, unless you have to re-install the email account.

 

Apps using generated passwords do bypass the 2FA requirements, but as it is no longer possible to generate passwords it would no longer be possible to re-install the account that way. (unless you kept a copy of the previously generated password)

This message was authored by: piepowder

Re: Two Step Verification

@jayach

sorry I am a technophobe - just a practised fiddler-under-the-bonnet and hence modernity of such things is beyond me. I am a point-and-shoot or a pen-and-paper type of person when it comes to technology. I am old skool - brought up on a BBC B and daisy wheel printer. So sorry cannot elaborate. I installed eM Client after Mozilla stopped supporting Thunderbird and SKY changed from (I think) Google to Yahoo. I simply just-did-it - as one could. But unless you pay you can only have two accounts on it. OK not as all singing-and-dancing as Yahoo e.g. blocking spammers but is kind of useful if in a dark corner in life regarding technology.

regards

PP

This message was authored by: AuldReekie

Re: Two Step Verification

Yes, they are a total pain. 2FA disappeared for a while recently (response to endless complaints?) but has reared its ugly head again. No notification of course, just like last time. I'm not against 2FA per se but if you don't have a mobile or you can't get a signal most of the time (my situation) - what do you do?  Why can't they set it up so that a landline could be used? Banks do it. They phone you and read out the code number - a pain but at least it works. It would help some people. You could be asked to type in the name of the first street you lived in which, I think, is part of your security info.

They say an elderly person should phone the main Sky number, but what would be the point? What would they (Sky) do? It's only of value if they can make exceptions for people - in which case, why aren't they?

I used the recovery code this morning just out of curiosity but it didn't connect me to email. It said it would send another six digit code to my phone...aaaargh. Just unbelievable. In my account (Settings? - not sure) I found a link 'Manage two factor authentication'. So I clicked on it about 15 times and, of course, nothing happened. Really helpful aren't they!

[removed]

 

Moderator Actions: Removed inappropriate comments

This message was authored by: SteveSimon

Re: Two Step Verification

Contacted Sky yesterday about disabling 2FA for my 85 yo mother (with no mobile phone). Agent said it was forwarded to Tech Team to resolve within 24 hours - now 25 hours and still waiting. Not holding my breath on getting it fixed soon.

 

Not keen on creating a new email elsewhere because of the attnedant hassle of changing contact details on other webstores, friends & family, etc

 

This message was authored by: Mark39

Re: Two Step Verification

Posted by a Superuser, not a Sky employee. Find out more

@SteveSimon has your mother tried logging in again?

This message was authored by: SteveSimon

Re: Two Step Verification

Yes multiple times over the 24 hour period - 2FA still active

This message was authored by: jayach

Re: Two Step Verification

Posted by a Superuser, not a Sky employee. Find out more

@piepowder wrote:

I installed eM Client after Mozilla stopped supporting Thunderbird


Mozilla haven't stopped supporting Thunderbird, it's still Part of the Mozilla Family

This message was authored by: piepowder

Re: Two Step Verification

@jayach

As far as I am aware from the past comments from Mozilla - that Thunderbird remains - but that Mozilla could not commit the future resources to support it in face of the new kids on the block "crowding out the cyber space" e.g. the software giants from silicone valley  etc.  I guess it stays as "old tech" which in terms of hackers etc would be beyond their knowledge now, so maybe a good thing?

If I understand it Open Source is the bane of hackers as there are so many splinter variants of original core OS based on Linux kernel such as Debian derivatives or Ubuntu etc etc. Closed source is singular and hence requires levels of anti-malice protection due to its singularity.

 

A more common method of secuity is at the moment is to enter your e-mail address and receive a one time pass code to that. The 2 step verification to get into your e-mails comes first. Part of the nuisance to me is that if you shut down your computer, as one is told to do,  then you have to start all over again. so a daily , or even more frequent event. And as alluded to above - if your mobile phone (if you have one and can  use it) signal is dreadful - and their are indeed dead pockets often in new builds - the option to access is barred.

 

There is no easy answer

Reply